Last active
January 13, 2017 10:32
-
-
Save jolbax/18b4560dc46ec146dbc4a3fdd4b2ffb1 to your computer and use it in GitHub Desktop.
Connecting two server running different type of SSH can be nightmare if you does not know how to convert the key. In this tutorial, I will try to explain on how to convert the public key from OpenSSH to SSH2 and SSH2 to OpenSSH. To convert the key, it must be done in OpenSSH server.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Convert OpenSSH key to SSH2 key | |
Run the OpenSSH version of ssh-keygen on your OpenSSH public key to convert it into the format needed by SSH2 on the remote machine. This must be done on the system running OpenSSH. | |
#ssh-keygen -e -f ~/.ssh/id_dsa.pub > ~/.ssh/id_dsa_ssh2.pub | |
Convert SSH2 key to OpenSSH key | |
Run the OpenSSH version of ssh-keygen on your ssh2 public key to convert it into the format needed by OpenSSH. This needs to be done on the system running OpenSSH. | |
#ssh-keygen -i -f ~/.ssh/id_dsa_1024_a.pub > ~/.ssh/id_dsa_1024_a_openssh.pub | |
Steps involved to produce and convert the keys. | |
OpenSSH | |
To generate an OpenSSH sshv2 key | |
$ ssh-keygen -t dsa -f newkey | |
Generating public/private dsa key pair. | |
Enter passphrase (empty for no passphrase): | |
Enter same passphrase again: | |
Your identification has been saved in newkey. | |
Your public key has been saved in newkey.pub. | |
The key fingerprint is: | |
c6:db:3a:ff:4c:79:a7:d8:cb:be:82:e8:9d:db:8c:e9 brad@eta | |
To export to ssh.com | |
$ ssh-keygen -e -f newkey.pub | |
—- BEGIN SSH2 PUBLIC KEY —- | |
Comment: “1024-bit DSA, converted from OpenSSH by brad@eta” | |
AAAAB3NzaC1kc3MAAACBAJ7QKkrLoOE9TNPVmKVedk1GAr/S+Cruq3/GtjRnxvJqbBbfne | |
lWYUC+vbHc5a+7bgRsQfCgoCeGKH5wGD4CDWQMhy2XYomnGf1gUC86Hq77/Noqa02N441E | |
FSTIEoNlU2aYi8zwVQKlgP6e22mG9sK7zSaGX639ctaigHuST8qPAAAAFQC2az8dfxHkkD | |
ZAEw+RcvRn3cpXFQAAAIEAgYpPs6d+Kyw37ZaBarlMEaZoEfrxhUZ44SN+KoqBZYpSVwyH | |
J+/RB0zVUizXCmZ5RhYSsYZ57Iixx1bBmBxogaEh5d7xxUpg/9Xctf94Jsf7vxccjZ4XYA | |
RrVikq/0L9fuKOmo4ET9iAf+GL7w2u5gzxxZr+xX5jw/A7907lOCwAAACAMoHHk0o1XkG+ | |
yeaPtuwbrHshGqTjpOUkJ/AYuQ8OBuVAOdqse1di9JpeHko26G0zoH3N+nDHMGdYYTNHzR | |
NYRd2q20ztcAP52crZo1rtpNdvs6c+RTEIgoP3oYh1e1+rg70tWKIW3R/NYB39CESHoyqs | |
AJ7vzOPm0iUOd36YECY= | |
—- END SSH2 PUBLIC KEY —- | |
SSH | |
To generate a key: | |
$ ssh-keygen | |
Generating 2048-bit dsa key pair | |
1 oOo.oO | |
Key generated. | |
2048-bit dsa, marshalb@obelix.cqu.edu.au, Tue Jul 15 2003 13:53:34 +1000 | |
Passphrase : | |
Again : | |
Private key saved to /usr/users/staff/m/marshalb/.ssh2/id_dsa_2048_b | |
Public key saved to /usr/users/staff/m/marshalb/.ssh2/id_dsa_2048_b.pub | |
To convert from ssh.com to OpenSSH (using OpenSSH ssh-keygen): | |
$ ssh-keygen -i -f id_dsa_2048_b.pub | |
ssh-dss AAAAB3NzaC1kc3MAAAEBAKueha6mfr5OUcscc88lmQUBBgYSZ08htHFaYzke2N | |
5WG6ql1NgwQsyY2mMRxvvGckBeInx2GvRlz1+izDs5p4UGhkMzG8qOoT2y2vLwTFQyxi4I | |
XET1e0E8VYC0dcLfs5Zg6RxEY7GA5FiydS6dceuPnLJgCYDfyb9Qbk4rVEvREODo8dV/KR | |
lZxecEgaeKOO7ZnEzaIVPRCVb6U6EaRtZvxKfGnNFI957AfZ+Hqevz1IeQNDCp00EmaNli | |
8Ow4rjOPlH7o818r35Ea8mMoV0hkirNQ25zf/Z1LvCS3649537YDi/SVmMMpGCvT93w/TR | |
vk5RKlwVVy+TH52C8/MKEAAAAVAOuDCV61LvfKz0bd8hYEJ/gGof9XAAABAQCFRhlpWtVO | |
hTxcWcrnZp9EbbVRZO16St5TPjL86khb7b/VjScOAgt0tslHwtEEQzImv1xRkk6ZQ1o9pv | |
Azb1fMZrZMGIy9zUXvL0v6LNXxCxN9YIjx14OXYfH8EIQDZJGRJoxHvEvUVjv3lHnTuxbd | |
Krcbagvakxvgjq1wVyEueilO+g+WhJm+Q+XIYRl0TK9qtsAVFmzxBxT5USZFJ+1kbG7ipp | |
fFSGWRd3KPUCVQ8iGO3IMjtIlfcuGOArbKB06kMlxsdjNjhcEIHtR0jpaEeB2X+HrVScQE | |
oXG4S8YkiIExlIvjhrVr571BTOuO9H5VHt4CtKUxeXxKZWslulYwAAABAHm3zlMsXxPL/H | |
Oq29qf7Lk90b7El+j19E2UkyssfSu6+/k4bFf6ax2n3yEn31S5bUdNvgqmlEjdERc4SkU6 | |
5b5LW2ZI1v7kRoegG+bD2Q21N9Rv/lwS7CTprenKiMMRJ8TU7FMIVT3zEZkV+etC7cbaN+ | |
09GoiFTt+h7IDmo7onlo64oSMrcc+xt++ZUzENTVBgDoS92jlpnELkyJqZgb1/fdEPT6wR | |
j132yBxWLqDGmbp9msmY1us+XNDY8isF80u9yTTXGTskOtCSaeavDDtPOKN5ZR20sHpIBg | |
t6zd6mm/zKD6OZo14BLSJr7ldwSRzNNYMtkLnNyFSYxAIrm9Y= | |
You can then use the output in authorized_keys file on an openssh box. | |
OpenSSH v2 -> SSH v2 | |
On the OpenSSH box, create a DSA key via the following: | |
$ ssh-keygen -t dsa | |
Export the key into ssh.com v2 format: | |
$ ssh-keygen -e -f ~/.ssh/id_dsa.pub > newPubKey | |
Copy the converted ssh key to the ssh.com server | |
$ scp newPubKey server:.ssh2/id_dsa.pub | |
On the server, tell the ssh.com server that the public key is allowed: | |
echo “Key id_dsa.pub” >> ~/.ssh2/authorization | |
SSH v2 -> OpenSSH v2 | |
On the ssh.com box, generate a DSA key: | |
$ ssh-keygen | |
Copy the generated key to the openssh box: | |
$ scp ~/.ssh2/id_dsa_1024_a.pub server:.ssh | |
Convert the public key to openssh format and append to authorized_keys: | |
$ ssh-keygen -i -f id_dsa_1024_a.pub >> ~/.ssh/authorized_keys | |
On the ssh.com box setup the private key: | |
$ echo “IdKey id_dsa_1024_a” >> ~/.ssh2/identification | |
SSH v2 -> SSH v2 | |
On the ssh.com client, generate a DSA key: | |
$ ssh-keygen | |
Copy the generated key to the server: | |
$ scp ~/.ssh2/id_dsa_1024_a.pub server:.ssh2 | |
On the server, tell the ssh.com server that the public key is allowed: | |
$ echo “Key id_dsa._1024_a.pub” >> ~/.ssh2/authorization | |
On the ssh.com client setup the private key: | |
$ echo “IdKey id_dsa_1024_a” >> ~/.ssh2/identification | |
OpenSSH v2 -> OpenSSH v2 | |
On the OpenSSH box, create a DSA key via the following: | |
$ ssh-keygen -t dsa | |
Copy the ssh key to the server | |
$ scp ~/.ssh/id_dsa.pub server:.ssh/id_dsa.pub | |
Add the key to the authorized_keys file on the server | |
$ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment